Posts Tagged ‘me happy’

CCSA R71 – now it is official

Posted: August 26, 2011 in technical

A weekend of pampering

Posted: August 7, 2011 in personal

Why? Because I got going on Saturday morning: Starbucks in the morning, shopping, a movie with 2 good friends, going to the opening of the Lia Manoliu stadium with another friend. Then dinner at Ali Baba with the above-mentioned friend and his wife. – pictures to come

For ze record: I absolutely love Ali Baba (especially the dessert called Ali Baba nights) – pictures to come

Hookah and stories until 1 at night at Shisha Caffe 8->

Sleep

Sunday morning: Starbucccksss 😀 then lunch at Don Corleone, visited the little animals at the Zoo (loved ze python 😀 – ze animal, not the scripting language 😛), then had Geol at “Lente” – together with the friends from whom we are also waiting for the pictures.

Like never before! A quiet weekend at Home, with the tyrant and with friends. No work, no travel, just lazing around, eating good stuff, walking, shopping, movies, playing, cuddling 😛

 

A well-deserved (I say) weekend after 1 month in which I took, in rapid fire, 2 security certifications ranked in the top 10 in the world by several rankings! 😀

Feel like doing something good with my life, and enjoying it at the same time.

/Me happy

back to Israel

Posted: July 24, 2011 in personal

Yes, me again. Here 🙂 Bumpy ride. Nice company.

After getting my luggage I observed that some stingy (most probably Romanian) person put his/her brandy (Romanian: tuica) in the luggage, trying to avoid paying the transportation. Guess whose ENTIRE luggage now smells like …brandy ?

Buut it ends well: at the hotel (my fav : Leonardo Boutique), the guy at the reception asked whether I was here for the first time. Not only that I wasn’t here for the first time, but I told him (the truth) that this is my favorite hotel. Guess who now has an upgraded panoramic view room? 😀

Me happy. Told you I missed this wonderful city.

Sleep now 🙂

‘ve been there: super freaking CRAZY

That guy is absolutely nuts. He laughed and made jokes the entire concert; at the beginning he said he loves our beer and our women and he’s pretty sure he’s going to get very drunk and dance naked on the scene.

Close to the end of the show he managed to snap his pants, so that all of us could see his underwear.

Playlist (from memory):

Ghost Division

40:1

The price of a mile

Cliffs of Gallipoli

Into the fire

Panzer battalion

Primo Victoria

Metal Machine

—-and so on

just 1 hour :((

 

Books for Children

Posted: June 3, 2011 in promote

Because it was Children's Day and because we have a family of poor little kids, today we collected money and bought books for our children 🙂

http://miaschildren.org/

And because my team has almost always been super busy and we did not get organized in time, today a few colleagues went off with the money to the bookshops and second-hand bookstores downtown and came back with a box full of beautiful books. Our only objection was that, out of all our developers who are super strong in Security and 4G and VoIP, not one managed to buy a programming book 😛

Lately I had the opportunity to work again with the VoIP team. Besides the fact that I remember the good old days when I was the stupidest member of the team and I super super enjoyed learning in a fast manner from my VoIP guru colleagues, I really enjoyed getting in touch again with this wonderful technology.

I am moving towards a managerial/sales position, but moments like this re-confirm to me that I am truly happy when I do 1000% super technical stuff. I love mathematics and cryptography and working with super technical people. I am just happy to do this.

Secure Real-time Transport Protocol (SRTP, RFC 3711) is a pretty classic transport protocol for VoIP packets. It can be used as a stand-alone protocol, in which case it needs some out-of-band way of defining the encryption and authentication keys. Alternatively, these keys can be negotiated dynamically in SDP, using Security Descriptions for Media Streams (RFC 4568).

Basically there are 3 crypto suites that can be used to encrypt the RTP payload:

AES_CM_128_HMAC_SHA1_80

AES_CM_128_HMAC_SHA1_32

AES_F8_128_HMAC_SHA1_80

These are classic crypto suites, but each implementation may use variations of these ones. I wouldn’t say that you can define your own 3DES crypto suite for securing RTP packets, but at least you can use your own key length for authenticating the packets.

Encryption either uses AES in Counter Mode or in F8. I never used F8, so I won’t talk about it right now 🙂

Authentication uses a hash based message authentication code, having SHA1 as a hash function.

And, as we all know, the SHA1 produces an output of 160 bits.

The nice people from IETF show us what the SRTP packet is supposed to look like:

        0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<+
     |V=2|P|X|  CC   |M|     PT      |       sequence number         | |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
     |                           timestamp                           | |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
     |           synchronization source (SSRC) identifier            | |
     +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |
     |            contributing source (CSRC) identifiers             | |
     |                               ....                            | |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
     |                   RTP extension (OPTIONAL)                    | |
   +>+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   | |                          payload  ...                         | |
   | |                               +-------------------------------+ |
   | |                               | RTP padding   | RTP pad count | |
   +>+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<+
   | ~                     SRTP MKI (OPTIONAL)                       ~ |
   | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   | :                 authentication tag (RECOMMENDED)              : |
   | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |                                                                   |
   +- Encrypted Portion*                      Authenticated Portion ---+

In SDP (or otherwise via out-of-band methods), the sender and receiver exchange master keys to establish a cryptographic base for encrypting the VoIP packets. The keys are series of bits and are not used directly for encryption: they are master keys from which each party derives the symmetric session keys used for the actual RTP encryption. Usually the master “key” that is exchanged between the parties also contains a salt value, used for randomization when the session keys are generated and also in re-keying. Although this value is not mandatory, it is strongly recommended, as it provides enough randomization to protect against off-line dictionary attacks on the session keys.

The optional MKI (Master Key Identifier) field has a configurable length (it usually is 4B) and is used by the sender and receiver to identify the master key used for the current stream; it is also used in re-keying.

The authentication tag, or n_tag as it is called, contains the authentication data. It is a recommended field, used when the packet is also authenticated (not only encrypted). An RTP packet can be encrypted only (null authentication), authenticated only (null encryption), or both encrypted and authenticated (in which case encryption is done before authentication). By authenticating the packet, the n_tag also provides the basis for protection against replay attacks: RFC 3711 notes that secure replay protection is only possible when integrity protection is present.

SRTP itself has no intrinsic way of specifying the key lifetime. This is either pre-configured on the RTP endpoints, or it is negotiated in the SDP header. This lifetime is specified (at least to my understanding) in terms of packets: how many packets the endpoint is supposed to encrypt using a particular session key before that key is no longer considered safe to use.

If we are to consider a call-control scenario, my SDP would look something like this:

 a=crypto:1 AES_CM_128_HMAC_SHA1_80
      inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:32

where:

– the algorithm used is AES in Counter Mode, using a 128b key and HMAC-SHA1 authentication key, out of which it uses only 80b of the master key that follows

– the master key is what follows after the “inline” keyword:

PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR

meaning that fancy string

– also, that fancy string may or may not contain the salt also within it

– the 2^20 is the lifetime in terms of packets to be encrypted before a new session key must be generated

– the 1:32 is the MKI: value is “1” and the number of bits used for representing it is “32”; this can also be expressed as “1:4” meaning: value 1 for MKI and 4B
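The fields of the a=crypto line described above can be pulled apart mechanically. This parser is an added example, not code from the original post; it assumes the RFC 4568 encoding in which the inline value is the base64 of the master key followed by the master salt, and the name parse_crypto is made up for illustration.

```python
import base64

# Master key / master salt lengths in bytes for the three suites named above
# (RFC 4568: 128-bit master key, 112-bit master salt for all three).
SUITES = {
    "AES_CM_128_HMAC_SHA1_80": (16, 14),
    "AES_CM_128_HMAC_SHA1_32": (16, 14),
    "AES_F8_128_HMAC_SHA1_80": (16, 14),
}

def parse_crypto(line):
    """Parse one 'a=crypto:' attribute; raise ValueError if it is malformed."""
    if not line.startswith("a=crypto:"):
        raise ValueError("not a crypto attribute")
    parts = line[len("a=crypto:"):].split()
    if len(parts) < 3:
        raise ValueError("expected tag, suite and key parameters")
    tag, suite, key_params = parts[0], parts[1], parts[2]
    if suite not in SUITES:
        raise ValueError("unknown crypto suite: " + suite)
    method, _, key_info = key_params.partition(":")
    if method != "inline":
        raise ValueError("only inline keys are handled")
    fields = key_info.split("|")
    # validate=True rejects characters outside the base64 alphabet
    raw = base64.b64decode(fields[0], validate=True)
    key_len, salt_len = SUITES[suite]
    if len(raw) != key_len + salt_len:
        raise ValueError("key||salt has the wrong length for this suite")
    lifetime, mki = None, None
    for field in fields[1:]:
        if ":" in field:                  # MKI, written as value:length
            value, length = field.split(":")
            mki = (int(value), int(length))
        elif field.startswith("2^"):      # lifetime as a power of two
            lifetime = 2 ** int(field[2:])
        else:                             # lifetime as a plain packet count
            lifetime = int(field)
    return {"tag": int(tag), "suite": suite, "master_key": raw[:key_len],
            "master_salt": raw[key_len:], "lifetime": lifetime, "mki": mki}

# The attribute from the example above, joined onto a single line.
SAMPLE = ("a=crypto:1 AES_CM_128_HMAC_SHA1_80 "
          "inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:32")

if __name__ == "__main__":
    print(parse_crypto(SAMPLE))
```

The master key and salt come out of the SDP with nothing more than a base64 decode, so anyone who can read the signaling can derive the session keys; the SDP itself has to travel over a protected channel.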

The RTP packets would have a “trailer” containing the MKI and the n_tag.

Let’s take a simple example of a G711 U-Law, 20ms p-time (meaning 160B per frame) codec, which is encrypted as above.

The total number of Bytes in the UDP packet would be 224, out of which, for RTP we have 180 B:

– 12 B RTP header

– 160 B payload

– 4 B MKI

– 4 B AuthTag
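The trailer layout from the breakdown above, as an added example that is not part of the original post: it appends a 4-byte MKI and a 4-byte tag to a 12-byte header and 160-byte payload, and checks the tag on receipt. It assumes the RFC 3711 tag construction (HMAC-SHA1 over header, payload and rollover counter, truncated); the payload is treated as already encrypted, and the authentication key is a constructed sample rather than one derived from a master key.

```python
import hashlib
import hmac
import struct

def rtp_header(seq, timestamp, ssrc, payload_type=0):
    """Fixed 12-byte RTP header: V=2, no padding, no extension, CC=0."""
    return struct.pack("!BBHII", 0x80, payload_type & 0x7F, seq, timestamp, ssrc)

def auth_tag(auth_key, body, roc, tag_len):
    """HMAC-SHA1 over header || payload || ROC, truncated to tag_len bytes."""
    mac = hmac.new(auth_key, body + struct.pack("!I", roc), hashlib.sha1)
    return mac.digest()[:tag_len]

def protect(auth_key, header, payload, roc, mki, mki_len, tag_len):
    """Append the trailer: MKI first, then the authentication tag."""
    body = header + payload
    return body + mki.to_bytes(mki_len, "big") + auth_tag(auth_key, body, roc, tag_len)

def verify(auth_key, packet, roc, mki_len, tag_len):
    """Return (mki, header || payload) if the tag checks out, else None."""
    end = len(packet) - mki_len - tag_len      # end of header || payload
    if tag_len <= 0 or end < 12:
        return None
    body = packet[:end]
    mki = packet[end:end + mki_len]            # outside the authenticated portion
    tag = packet[end + mki_len:]
    # constant-time comparison, so timing does not leak how many bytes matched
    if not hmac.compare_digest(tag, auth_tag(auth_key, body, roc, tag_len)):
        return None
    return int.from_bytes(mki, "big"), body

# Constructed sample values: 160-bit authentication key, one 20 ms G.711
# u-law frame (160 bytes), MKI value 1.
AUTH_KEY = bytes(range(20))
HEADER = rtp_header(seq=1, timestamp=160, ssrc=0x11223344)
PAYLOAD = b"\xff" * 160
# tag_len=4 reproduces the 180-byte breakdown above; an 80-bit tag is 10 bytes.
PACKET = protect(AUTH_KEY, HEADER, PAYLOAD, roc=0, mki=1, mki_len=4, tag_len=4)

if __name__ == "__main__":
    print(len(PACKET), verify(AUTH_KEY, PACKET, 0, 4, 4) is not None)
```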

The SIP SDP would look like this:

[image: SDP]

The RTP would look like this:

[image: srtp]

Happy securing stuff to everybody!

Budapest – day 1.5

Posted: April 17, 2011 in travel

Woke up at 7, went for a run and a bit of weight lifting, then 2 and a half hours of swimming in the pool, sat outside in a super big jacuzzi, steam bath, Finnish sauna, organic sauna.

I could definitely get used to starting all my days like today. Only one thing missing: ze Tyrant 😦

Budapest – day 1

Posted: April 16, 2011 in travel

Flew here with Malev – Bombardier Q400. Although at first I was super afraid they would shake me so much that I would never want to fly again, the flight was brilliant. The Malev people were super nice, especially since I was the only non-Hungarian speaker (the other 6 passengers knew Hungarian).

At the airport the Shuttle guy was waiting for me and took me (me and 2 Chinese people) to the hotel.

Ramada Resort Aquaworld.

130 Eur for 2 nights with breakfast included. 4 stars, VOD.

Message on the TV with “Welcome, Miss Cristina” and first channel: Classical Music. BTW: Now I am listening to Beethoven 😀. Somebody did their homework well 😀

BRIL-LI-ANT! 😀

Thanks, Mali and Nathan !

Shakshuka

The recipe looks like this (the original is in Hebrew), in English, from Google Translator:

15 ripe tomatoes
4 eggs
2 heaping tablespoons tomato paste (tomato paste so it is not a curse)
3 heaping tablespoons chicken soup (chicken soup, too It’s not a curse)
2 large onions
2 red peppers red
3 garlic cloves
Flat half tablespoon turmeric
Flat tablespoon cumin
Flat tablespoon ground black pepper
Flat tablespoon sweet paprika
Flat tablespoon cayenne
Preparation »
1. Chop the onion and fry
2. While the onion in oil, cut the 2 red peppers and three cloves of garlic as much as possible into small squares
3. Add the red peppers and garlic to skillet and mix well
4. Meanwhile cut the tomatoes into squares and stir every now and then the mixture in the pan. Tip
5. Finished cut the tomatoes? Add to skillet, mix well, cover with lid over medium heat.
6. Every 80-10 minutes Open the lid and pour the juices emitted by tomato and mix well. Secret 1
7. Tomato juices have ceased Mlofris? This is the seasoning time. Secret 2
8. Add the rest of the spices and two tablespoons of tomato paste, mix well and wait 3 minutes.
9. Add the eggs and mix well for 5 minutes. Secret 3
10. Turn off the heat and let cool, uncovered Shakshuka about 8-10 minutes. Secret 4

Today was probably my best day ever in Israel! Nathan and his girlfriend, Mali, invited me over and taught me how to prepare Israeli food, like, the real stuff! Using original recipes from their family. Of course, Mali was the master, but she let Nathan have all the glory of teaching the alien how to cook 😛

I don’t yet have all the recipes, in my head. Mali will translate them for me and send it over, along with the pictures I’ve taken from the production steps.

Basically, I’ve had a crash course, hands-on training on how to prepare shakshuka, tahini and 2 types of salad. They use a lot of interesting spice and garlic. Then they gave me vodka. I believe it is called Van Gogh, pretty interesting name for Vodka, huh? I only managed to taste 2 types of this Van Gogh, one tasted like pineapple, while the other one has an espresso taste. They were very good, but still too hot for me.

Pictures: when I get them from Mali. I made new friends and hopefully I didn’t scare them off with my too much talking.

Oh, the guys here took my Hebrew learning very seriously, so they are working hard on getting me up to date with the Hebrew slang. From the top of my head:

What’s up, bro? = Manysh-ma ne-shama?

Oki, doki = Sababa

All is smooth (honey..) = Acol dvash.

Today I ordered my restaurant food on my own. And I finally learnt how to ask for water – you do remember I only learned how to ask for wine and beer.

Ani rotsa leehol shakshuka. Ve-ani rotsa lishtot meim, bevakasha. = I want to eat shakshuka. And I want to drink water, please.